The urge to prioritize compliance is understandable; after all, a breach may happen, but an audit will happen. A focus on avoiding penalties, a misunderstanding of the purpose of regulations and the tendency to meet the bare minimum requirements are all signifiers of a compliance-first approach. None of them deliver real security.
Phil Muncaster reports on China and beyond
Jon Collins’ in-depth look at tech and society
Kathryn Cave looks at the big trends in tech